Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2023-1733.NASL
HistoryMay 06, 2023 - 12:00 a.m.

EulerOS Virtualization 3.0.2.0 : libjpeg-turbo (EulerOS-SA-2023-1733)

2023-05-0600:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
euleros virtualization
libjpeg-turbo
vulnerability
heap-based buffer overflow
ppm reader
16-bit binary
rgb buffer
security advisory
tenable network security
cve-2021-46822
JSON

According to the versions of the libjpeg-turbo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  • The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. (CVE-2021-46822)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(175165);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/06");

  script_cve_id("CVE-2021-46822");

  script_name(english:"EulerOS Virtualization 3.0.2.0 : libjpeg-turbo (EulerOS-SA-2023-1733)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libjpeg-turbo package installed, the EulerOS Virtualization installation on the remote
host is affected by the following vulnerabilities :

  - The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary
    PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related
    to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. (CVE-2021-46822)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1733
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7a1b870b");
  script_set_attribute(attribute:"solution", value:
"Update the affected libjpeg-turbo packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-46822");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/06");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libjpeg-turbo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.2.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.2.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

var flag = 0;

var pkgs = [
  "libjpeg-turbo-1.2.90-6.h11"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libjpeg-turbo");
}
VendorProductVersionCPE
huaweieulerosuvpcpe:/o:huawei:euleros:uvp:3.0.2.0
huaweieuleroslibjpeg-turbop-cpe:/a:huawei:euleros:libjpeg-turbo

Related

nessus 20
rocky 1
openvas 15
cbl_mariner 1
cvelist 1
prion 1
osv 4
cve 1
debiancve 1
mageia 1
ubuntucve 1
oraclelinux 1
amazon 1
redhatcve 1
almalinux 1
redhat 1
cloudfoundry 1
ubuntu 1
ibm 1
nessus
nessus
EulerOS 2.0 SP9 : libjpeg-turbo (EulerOS-SA-2022-2325)
2022-09-14 00:00:00
RHEL 9 : libjpeg-turbo (RHSA-2023:1068)
2023-03-06 00:00:00
EulerOS Virtualization 2.10.1 : libjpeg-turbo (EulerOS-SA-2022-2893)
2022-12-27 00:00:00
rocky
rocky
libjpeg-turbo security update
2023-03-08 16:38:23
openvas
openvas
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2022-2351)
2022-09-26 00:00:00
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2022-2442)
2022-10-10 00:00:00
Mageia: Security Advisory (MGASA-2022-0353)
2022-10-03 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-46822 affecting package libjpeg-turbo 2.0.0-7
2022-07-14 20:59:55
cvelist
cvelist
CVE-2021-46822
2022-06-18 15:27:44
prion
prion
Heap overflow
2022-06-18 16:15:00
osv
osv
Moderate: libjpeg-turbo security update
2023-03-06 00:00:00
CVE-2021-46822
2022-06-18 16:15:08
Moderate: libjpeg-turbo security update
2023-03-08 16:38:23
cve
cve
CVE-2021-46822
2022-06-18 16:15:00
debiancve
debiancve
CVE-2021-46822
2022-06-18 16:15:00
mageia
mageia
Updated libjpeg packages fix security vulnerability
2022-10-01 20:48:24
ubuntucve
ubuntucve
CVE-2021-46822
2022-06-18 00:00:00
oraclelinux
oraclelinux
libjpeg-turbo security update
2023-03-06 00:00:00
amazon
amazon
Medium: libjpeg-turbo
2023-08-17 11:58:00
redhatcve
redhatcve
CVE-2021-46822
2022-06-22 09:36:12
almalinux
almalinux
Moderate: libjpeg-turbo security update
2023-03-06 00:00:00
redhat
redhat
(RHSA-2023:1068) Moderate: libjpeg-turbo security update
2023-03-06 10:50:14
cloudfoundry
cloudfoundry
USN-5631-1: libjpeg-turbo vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
ubuntu
ubuntu
libjpeg-turbo vulnerabilities
2022-09-22 00:00:00
ibm
ibm
Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities.
2022-11-17 15:02:38
JSON
Related for EULEROS_SA-2023-1733.NASL
nessus20rocky1openvas15cbl_mariner1cvelist1prion1osv4cve1debiancve1mageia1ubuntucve1oraclelinux1amazon1redhatcve1almalinux1redhat1cloudfoundry1ubuntu1ibm1